- Company Name
- i3Secure Ltd
- Job Title
- ISO Consultant
- Job Description
-
Job Description
Our ISO consultants are trusted to work closely with a wide range of clients from all sectors on exciting projects with real-world purpose and impact. Our roles are only available if you hold or fulfil the criteria to obtain a UK Security Clearance.
Candidates must be based in the UK, and prepared to travel to client sites, therefore must also hold a valid UK Driving Licence.
Role Overview
The successful candidate will ensure our clients achieve and maintain certification to ISO Standards such as ISO 27001, ISO 27701, and ISO 22301. You will need to be highly organised, able to manage a high workload and multiple clients. You will need to have fantastic inter-personal skills to convey the in-depth knowledge of ISO Standards that you have. You will need to have a sound understanding of the Internal and External Audit processes and be able to guide clients through them. Ideal Candidates will have significant experience in Information Security and ISO 27001 and be willing to attain further qualifications and experience with other ISO Standards.
Key Responsibilities:
Develop and implement comprehensive management systems aligned with relevant standards – ISO 27001, ISO 27701, ISO 22301, ISO 9001.
Conduct audits of clients' management systems to assess compliance and identify areas for continual improvement.
Conduct independent and objective gap analysis assessments for clients, evaluating the design, implementation, and effectiveness of controls.
Identify vulnerabilities, control weaknesses, and non-compliance issues through interviews, document reviews, testing procedures, and other established audit methodologies.
Identify and assess the organisation's risks and work with clients to mitigate those risks utilising controls
Collaborate with stakeholders across various departments (IT, HR, Legal, etc.) to implement corrective actions effectively.
Create management system-related Documents/Checklists/Policies/SOPs, and drive related activities throughout all locations.
Adhere to strict ethical standards and organisational information security practices when handling client data.
Key Skills:
Significant experience in ISO 27001 as a minimum, but preferably also experience in ISOs 27701/22301/9001
ISO 9001 Experience is desirable
A strong understanding of information security and data privacy frameworks like NIST Cybersecurity Framework (CSF), GDPR, CIS or similar.
Experience planning, preparing, and delivering internal and external audits.
Should have detailed experience and knowledge of Cyber/Information Security Governance, Risk Management, and Compliance.
Knowledge of industry best practices and procedures, Information Security Management tools-methods-techniques-and their applications, ISMS specific documentation structures-hierarchy-and interrelationships, electronic and digital signatures, electronic evidence collection, etc.
Strong Knowledge of Audit planning, Audit risks, Information Security Process Analysis, information security controls, risk assessment methodologies, vulnerability management principles and Internal Auditing of Information Security Management Systems.
Required Qualifications:
ISO 27001 Lead Auditor/ Implementer
Desirable Qualifications:
ISO 22301/9001/27701 Lead Auditor/ Implementer
CISA
CISM
CISMP
CISSP
GDPR Practitioner
CRISC
We will provide a benefits package that includes:
Competitive Salary based on experience and qualifications
Bonus Scheme
27 Days Holiday - Plus bank holidays
Company Pension
Remote Working
Dedicated Training Budget
Life Assurance
Cycle to Work Scheme
Private Healthcare (incl. Gym discounts)
Vision Care
Health & Wellbeing Perks
*This role requires candidates to hold or fulfil the criteria to obtain a UK Security Clearance, reside in the UK and possess a valid UK Driving Licence.
How to apply: Please visit our careers page to apply. https://i3secure.connectats.com/careers
NB: Applications by Easy Apply, direct email and/or direct messaging will not be viewed by the hiring manager.
